Added support for AWS Sig V4 Authentication

This commit is contained in:
Brian Rodgers 2023-10-06 08:47:05 -05:00 committed by Brian Rodgers
parent e2e3895a58
commit 295d82dca9
2 changed files with 29 additions and 21 deletions

View File

@ -5,6 +5,24 @@ function isStrPresent(str) {
return str && str !== '' && str !== 'undefined'; return str && str !== '' && str !== 'undefined';
} }
async function resolveCredentials(request) {
const awsv4 = request.awsv4config;
if (isStrPresent(awsv4.profileName)) {
try {
credentialsProvider = fromIni({
profile: awsv4.profileName
});
credentials = await credentialsProvider();
awsv4.accessKeyId = credentials.accessKeyId;
awsv4.secretAccessKey = credentials.secretAccessKey;
awsv4.sessionToken = credentials.sessionToken;
} catch {
console.error('Failed to fetch credentials from AWS profile.');
}
}
return awsv4;
}
function addAwsV4Interceptor(axiosInstance, request) { function addAwsV4Interceptor(axiosInstance, request) {
if (!request.awsv4config) { if (!request.awsv4config) {
console.warn('No Auth Config found!'); console.warn('No Auth Config found!');
@ -12,38 +30,27 @@ function addAwsV4Interceptor(axiosInstance, request) {
} }
const awsv4 = request.awsv4config; const awsv4 = request.awsv4config;
if (!isStrPresent(awsv4.profileName) && (!isStrPresent(awsv4.accessKeyId) || !isStrPresent(awsv4.secretAccessKey))) { if (!isStrPresent(awsv4.accessKeyId) || !isStrPresent(awsv4.secretAccessKey)) {
console.warn('Required Auth Fields are not present'); console.warn('Required Auth Fields are not present');
return; return;
} }
let credentials = {
accessKeyId: awsv4.accessKeyId,
secretAccessKey: awsv4.secretAccessKey,
sessionToken: awsv4.sessionToken
};
if (isStrPresent(awsv4.profileName)) {
try {
credentials = fromIni({
profile: awsv4.profileName
});
} catch {
console.error('Failed to fetch credentials from AWS profile.');
}
}
const interceptor = aws4Interceptor({ const interceptor = aws4Interceptor({
options: { options: {
region: awsv4.region, region: awsv4.region,
service: awsv4.service service: awsv4.service
}, },
credentials credentials: {
accessKeyId: awsv4.accessKeyId,
secretAccessKey: awsv4.secretAccessKey,
sessionToken: awsv4.sessionToken
}
}); });
axiosInstance.interceptors.request.use(interceptor); axiosInstance.interceptors.request.use(interceptor);
console.log('Added AWS V4 interceptor to axios.');
} }
module.exports = { module.exports = {
addAwsV4Interceptor addAwsV4Interceptor,
resolveCredentials
}; };

View File

@ -17,7 +17,7 @@ const { getPreferences } = require('../../store/preferences');
const { getProcessEnvVars } = require('../../store/process-env'); const { getProcessEnvVars } = require('../../store/process-env');
const { getBrunoConfig } = require('../../store/bruno-config'); const { getBrunoConfig } = require('../../store/bruno-config');
const { makeAxiosInstance } = require('./axios-instance'); const { makeAxiosInstance } = require('./axios-instance');
const { addAwsV4Interceptor } = require('./awsv4auth-helper'); const { addAwsV4Interceptor, resolveCredentials } = require('./awsv4auth-helper');
// override the default escape function to prevent escaping // override the default escape function to prevent escaping
Mustache.escape = function (value) { Mustache.escape = function (value) {
@ -248,6 +248,7 @@ const registerNetworkIpc = (mainWindow) => {
const axiosInstance = makeAxiosInstance(); const axiosInstance = makeAxiosInstance();
if (request.awsv4config) { if (request.awsv4config) {
request.awsv4config = await resolveCredentials(request);
addAwsV4Interceptor(axiosInstance, request); addAwsV4Interceptor(axiosInstance, request);
delete request.awsv4config; delete request.awsv4config;
} }